1 /* 2 * This file is part of the openHiTLS project. 3 * 4 * openHiTLS is licensed under the Mulan PSL v2. 5 * You can use this software according to the terms and conditions of the Mulan PSL v2. 6 * You may obtain a copy of Mulan PSL v2 at: 7 * 8 * http://license.coscl.org.cn/MulanPSL2 9 * 10 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, 11 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, 12 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. 13 * See the Mulan PSL v2 for more details. 14 */ 15 16 #ifndef REC_CONN_H 17 #define REC_CONN_H 18 19 #include <stdint.h> 20 #include <stddef.h> 21 #include "rec.h" 22 #if defined(HITLS_TLS_PROTO_DTLS12) && defined(HITLS_BSL_UIO_UDP) 23 #include "rec_anti_replay.h" 24 #endif /* HITLS_TLS_PROTO_DTLS12 && HITLS_BSL_UIO_UDP */ 25 26 #ifdef __cplusplus 27 extern "C" { 28 #endif 29 30 #define REC_MAX_MAC_KEY_LEN 64 31 #define REC_MAX_KEY_LENGTH 64 32 #define REC_MAX_IV_LENGTH 16 33 #define REC_MAX_KEY_BLOCK_LEN (REC_MAX_MAC_KEY_LEN * 2 + REC_MAX_KEY_LENGTH * 2 + REC_MAX_IV_LENGTH * 2) 34 #define MAX_SHA1_SIZE 20 35 #define MAX_MD5_SIZE 16 36 37 #define REC_CONN_SEQ_SIZE 8u /* Sequence number size */ 38 39 /** 40 * Cipher suite information, which is required for local encryption and decryption 41 * For details, see RFC5246 6.1 42 */ 43 typedef struct { 44 HITLS_MacAlgo macAlg; /* MAC algorithm */ 45 HITLS_CipherAlgo cipherAlg; /* symmetric encryption algorithm */ 46 HITLS_CipherType cipherType; /* encryption algorithm type */ 47 HITLS_Cipher_Ctx *ctx; /* cipher context handle, only for record layer encryption and decryption */ 48 HITLS_HMAC_Ctx *macCtx; /* mac context handle, only for record layer mac */ 49 50 uint8_t macKey[REC_MAX_MAC_KEY_LEN]; 51 uint8_t key[REC_MAX_KEY_LENGTH]; 52 uint8_t iv[REC_MAX_IV_LENGTH]; 53 bool isExportIV; /* Used by the TTO feature. The IV does not need to be randomly 54 generated during CBC encryption If it is set by user */ 55 /* key length */ 56 uint8_t macKeyLen; /* Length of the MAC key. The length of the MAC key is 0 in AEAD algorithm */ 57 uint8_t encKeyLen; /* Length of the symmetric key */ 58 uint8_t fixedIvLength; /* iv length. It is the implicit IV length in AEAD algorithm */ 59 60 /* result length */ 61 uint8_t blockLength; /* If the block length is not zero, the alignment should be handled */ 62 uint8_t recordIvLength; /* The explicit IV needs to be sent to the peer */ 63 uint8_t macLen; /* Add the length of the MAC. Or the tag length in AEAD */ 64 } RecConnSuitInfo; 65 66 /* connection state */ 67 typedef struct { 68 RecConnSuitInfo *suiteInfo; /* Cipher suite information */ 69 uint64_t seq; /* tls: 8 byte sequence number or dtls: 6 byte seq */ 70 bool isWrapped; /* tls: Check whether the sequence number is wrapped */ 71 72 uint16_t epoch; /* dtls: 2 byte epoch */ 73 #if defined(HITLS_BSL_UIO_UDP) 74 uint16_t reserve; /* Four-byte alignment is reserved */ 75 RecSlidWindow window; /* dtls record sliding window (for anti-replay) */ 76 #endif 77 } RecConnState; 78 79 /* see TLSPlaintext structure definition in rfc */ 80 typedef struct { 81 uint8_t type; // ccs(20), alert(21), hs(22), app data(23), (255) 82 #ifdef HITLS_TLS_FEATURE_ETM 83 bool isEncryptThenMac; 84 #endif 85 uint8_t reverse[2]; 86 87 uint16_t version; 88 uint16_t negotiatedVersion; 89 90 uint8_t seq[REC_CONN_SEQ_SIZE]; /* 1. tls: sequence number 2.dtls: epoch + sequence */ 91 92 uint32_t textLen; 93 const uint8_t *text; // fragment 94 } REC_TextInput; 95 96 /** 97 * @brief Initialize RecConnState 98 */ 99 RecConnState *RecConnStateNew(void); 100 101 /** 102 * @brief Release RecConnState 103 */ 104 void RecConnStateFree(RecConnState *state); 105 106 /** 107 * @brief Obtain the Sequence number 108 * 109 * @param state [IN] Connection state 110 * 111 * @retval Sequence number 112 */ 113 uint64_t RecConnGetSeqNum(const RecConnState *state); 114 115 /** 116 * @brief Set the Sequence number 117 * 118 * @param state [IN] Connection state 119 * @param seq [IN] Sequence number 120 * 121 * @retval Sequence number 122 */ 123 void RecConnSetSeqNum(RecConnState *state, uint64_t seq); 124 125 #ifdef HITLS_TLS_PROTO_DTLS12 126 /** 127 * @brief Obtain the epoch 128 * 129 * @attention state can not be null pointer 130 * 131 * @param state [IN] Connection state 132 * 133 * @retval epoch 134 */ 135 uint16_t RecConnGetEpoch(const RecConnState *state); 136 137 /** 138 * @brief Set epoch 139 * 140 * @attention state can not be null pointer 141 * @param state [IN] Connection state 142 * @param epoch [IN] epoch 143 * 144 */ 145 void RecConnSetEpoch(RecConnState *state, uint16_t epoch); 146 147 #endif 148 149 /** 150 * @brief Set the key information 151 * 152 * @param state [IN] Connection state 153 * @param suitInfo [IN] Ciphersuite information 154 * 155 * @retval HITLS_SUCCESS 156 * @retval HITLS_INTERNAL_EXCEPTION Invalid null pointer 157 * @retval HITLS_MEMALLOC_FAIL Memory allocated failed 158 */ 159 int32_t RecConnStateSetCipherInfo(RecConnState *state, RecConnSuitInfo *suitInfo); 160 161 162 /** 163 * @brief Encrypt the record payload 164 * 165 * @param ctx [IN] tls Context 166 * @param state RecState context 167 * @param plainMsg [IN] Input data before encryption 168 * @param cipherText [OUT] Encrypted content 169 * @param cipherTextLen [IN] Length after encryption 170 * 171 * @retval HITLS_SUCCESS 172 * @retval HITLS_MEMCPY_FAIL Memory copy failed 173 * @retval HITLS_REC_ERR_NOT_SUPPORT_CIPHER The key algorithm is not supported 174 * @retval HITLS_REC_ERR_ENCRYPT Encryption failed 175 * @see SAL_CRYPT_Encrypt 176 */ 177 int32_t RecConnEncrypt(TLS_Ctx *ctx, 178 RecConnState *state, const REC_TextInput *plainMsg, uint8_t *cipherText, uint32_t cipherTextLen); 179 180 /** 181 * @brief Decrypt the record payload 182 * 183 * @param ctx [IN] tls Context 184 * @param state RecState context 185 * @param cryptMsg [IN] Content to be decrypted 186 * @param data [OUT] Decrypted data 187 * @param dataLen [IN/OUT] IN: length of data OUT: length after decryption 188 * 189 * @retval HITLS_SUCCESS 190 * @retval HITLS_REC_ERR_NOT_SUPPORT_CIPHER The key algorithm is not supported 191 * @retval HITLS_MEMCPY_FAIL Memory copy failed 192 */ 193 int32_t RecConnDecrypt(TLS_Ctx *ctx, RecConnState *state, 194 const REC_TextInput *cryptMsg, uint8_t *data, uint32_t *dataLen); 195 196 /** 197 * @brief Key generation 198 * 199 * @param libCtx [IN] library context for provider 200 * @param attrName [IN] attribute name of the provider, maybe NULL 201 * @param param [IN] Security parameter 202 * @param client [OUT] Client key material 203 * @param server [OUT] Server key material 204 * 205 * @retval HITLS_SUCCESS 206 * @retval HITLS_INTERNAL_EXCEPTION Invalid null pointer 207 * @retval Reference SAL_CRYPT_PRF 208 */ 209 int32_t RecConnKeyBlockGen(HITLS_Lib_Ctx *libCtx, const char *attrName, 210 const REC_SecParameters *param, RecConnSuitInfo *client, RecConnSuitInfo *server); 211 /** 212 * @brief TLS1.3 Key generation 213 * 214 * @param libCtx [IN] library context for provider 215 * @param attrName [IN] attribute name of the provider, maybe NULL 216 * @param param [IN] Security parameter 217 * @param suitInfo [OUT] key material 218 * 219 * @retval HITLS_SUCCESS 220 * @retval HITLS_UNREGISTERED_CALLBACK Unregistered callback 221 * @retval HITLS_CRYPT_ERR_DIGEST hash calculation failed 222 * @retval HITLS_CRYPT_ERR_HKDF_EXPAND HKDF-Expand calculation fails 223 * 224 */ 225 int32_t RecTLS13ConnKeyBlockGen(HITLS_Lib_Ctx *libCtx, const char *attrName, 226 const REC_SecParameters *param, RecConnSuitInfo *suitInfo); 227 228 /* 229 * @brief check the mac 230 * 231 * @param ctx [IN] tls Context 232 * @param suiteInfo [IN] ciphersuiteInfo 233 * @param cryptMsg [IN] text info 234 * @param text [IN] fragment 235 * @param textLen [IN] fragment len 236 * @retval HITLS_SUCCESS 237 * @retval Reference hitls_error.h 238 */ 239 int32_t RecConnCheckMac(TLS_Ctx *ctx, RecConnSuitInfo *suiteInfo, const REC_TextInput *cryptMsg, 240 const uint8_t *text, uint32_t textLen); 241 242 /* 243 * @brief generate the mac 244 * 245 * @param libCtx [IN] library context for provider 246 * @param attrName [IN] attribute name of the provider, maybe NULL 247 * @param suiteInfo [IN] ciphersuiteInfo 248 * @param plainMsg [IN] text info 249 * @param mac [OUT] mac buffer 250 * @param macLen [OUT] mac buffer len 251 * @retval HITLS_SUCCESS 252 * @retval Reference hitls_error.h 253 */ 254 int32_t RecConnGenerateMac(HITLS_Lib_Ctx *libCtx, const char *attrName, 255 RecConnSuitInfo *suiteInfo, const REC_TextInput *plainMsg, 256 uint8_t *mac, uint32_t *macLen); 257 258 /* 259 * @brief check the mac 260 * 261 * @param in [IN] plaintext info 262 * @param text [IN] plaintext buf 263 * @param textLen [IN] plaintext buf len 264 * @param out [IN] mac info 265 * @retval HITLS_SUCCESS 266 * @retval Reference hitls_error.h 267 */ 268 void RecConnInitGenerateMacInput(const REC_TextInput *in, const uint8_t *text, uint32_t textLen, 269 REC_TextInput *out); 270 271 #ifdef HITLS_TLS_SUITE_CIPHER_CBC 272 uint32_t RecGetHashAlgoFromMACAlgo(HITLS_MacAlgo macAlgo); 273 #endif 274 #ifdef __cplusplus 275 } 276 #endif 277 278 #endif /* REC_CONN_H */ 279